RSA Laboratories

5.3.6 What is the IETF Security Area?

The Internet Engineering Task Force (IETF) has evolved to become the primary international forum for standardization of protocols used in IP networking environments. IETF activities are divided into several functional areas; within the Security Area, several working groups have been active in defining security protocols and infrastructure facilities. Extensive information on IETF work is available at, including working group charters, working documents (Internet-Drafts), and published specifications (RFCs). RFCs are issued as standards-track, Informational, and Experimental documents; the standards-track documents advance through three maturity levels (Proposed Standard, Draft Standard, and Full Standard).

Some current and recently active IETF Security Area working groups include:


Public-Key Infrastructure (X.509), profiling usage of X.509 certificates and CRLs and defining associated PKI protocols (e.g., certificate management, certificate validation) (see Question


IP Security Protocol, defining encapsulation and key establishment protocols for use in protecting messages at the IP layer (see Question 5.1.4).


Defining the S/MIME Version 3 and related protocols for use in protecting electronic mail and other application messaging traffic (see Question 5.1.1).


Transport Layer Security, defining the standardized successor to the widely deployed Secure Sockets Layer (SSL) protocol (see Question 5.1.2).


Common Authentication Technology, defining mechanisms and interfaces (GSS-API) for callable integration of security services into applications (see Question 5.2.2).


XML Digital Signatures, chartered in conjunction with the World Wide Web Consortium to define digital signature facilities for XML documents.


Simple Public-Key Infrastructure, which has issued Experimental documents concerning definition and usage of certificates in a non-X.509 format.


An Open Specification for Pretty Good Privacy, defining a specification for message and key formats as used in PGP (see Question 5.2.6).


Secure Shell, defining specifications for the Secure Shell protocol (see Question 5.1.5).
